Prospect Union warns members after cyberattack exposes sensitive personal data

Prospect, a UK trade union representing scientists, engineers, technology professionals, and managers, has warned members about a cyberattack that exposed sensitive personal data, including information on sexual orientation and disabilities. The breach, which occurred in June 2025, is believed to have affected up to 160,000 members across major public and private sector organizations.

In disclosure emails sent this week, Prospect confirmed that personal details such as names, contact information, dates of birth, ethnicities, faith, disabilities, employers, job titles, and, in some cases, bank account numbers and sort codes were compromised. The amount of information exposed varies by individual, depending on what data each member provided to the union.

General Secretary Mike Clancy said the union detected the security incident in June and immediately engaged external cybersecurity experts to investigate and contain the breach. “There was no significant operational impact, and we continued to support members throughout,” Clancy said in a message to members. “We are very sorry for any concern this may cause. We have no reason to believe that information relating to you or any Prospect members was specifically targeted, and we have no evidence that it has been misused.”

The union has reported the breach to the UK Information Commissioner’s Office and stated that the investigation remains ongoing. Clancy emphasized that protecting member data remains a top priority and that Prospect has strengthened its IT defenses in response to the incident.

In a step more common in the United States than the UK, Prospect is offering affected members 12 months of complimentary credit and identity monitoring services through Experian. Members must enroll by October 30 to take advantage of the offer.

The union also urged members to remain alert for potential scams and to take proactive security measures, such as using strong and unique passwords, enabling multi-factor authentication, and monitoring financial statements for suspicious activity. Additional cybersecurity advice has been made available through the UK’s National Cyber Security Centre.

Prospect represents professionals working in a range of high-profile organizations, including BT Group, the Met Office, BAE Systems, Rolls-Royce, Siemens, Jacobs, the Ministry of Defence, and the National Trust.